This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/XJXC8rN2wu4yrnBhr9DvP03wKlg.roa File: XJXC8rN2wu4yrnBhr9DvP03wKlg.roa (raw, json) Hash identifier: pCQBoLdKmxtmBQ2vu5ZofXpEqg/wmN1dQJ6QlNip1Wc= Subject key identifier: 5C:95:C2:F2:B3:76:C2:EE:32:AE:70:61:AF:D0:EF:3F:4D:F0:2A:58 Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Certificate serial: 019B78A27E5420AC3010970B795F7EF07DE2 Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/XJXC8rN2wu4yrnBhr9DvP03wKlg.roa Signing time: Thu 01 Jan 2026 08:17:53 +0000 ROA not before: Thu 01 Jan 2026 08:17:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 394844 IP address blocks: 185.52.136.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 12:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:7e:54:20:ac:30:10:97:0b:79:5f:7e:f0:7d:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Validity Not Before: Jan 1 08:17:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c95c2f2b376c2ee32ae7061afd0ef3f4df02a58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:22:a8:a9:2d:a3:17:e5:21:a3:ab:22:6c:34: a5:fc:e5:b9:e8:5e:db:bf:96:3e:d3:9e:84:68:a2: 47:b8:67:8d:5d:3b:90:01:dd:25:8d:d1:01:69:b1: cf:a8:c0:12:6d:b7:a9:35:84:36:1f:69:a3:6a:1e: b3:b1:73:f4:2e:eb:c9:21:e4:f5:c2:89:1a:83:11: e6:a1:95:b2:a0:a4:42:fd:a2:38:d9:f4:db:b2:71: 1f:2d:1c:3c:6c:91:84:6a:c8:df:1a:c0:1e:ba:52: 8c:da:90:87:fe:e0:8d:54:1e:8e:74:04:7d:6e:ba: 93:ea:2e:d0:c1:c0:d3:9e:e6:4c:cc:fc:f7:15:dc: 79:66:b5:c3:8a:8c:3e:17:a2:ce:33:54:97:59:57: ab:94:97:61:97:eb:f4:2d:39:9a:ed:2c:2e:b3:dd: 42:6f:2f:18:14:df:2f:33:54:d9:44:0c:db:95:f1: 4d:0f:3c:6c:80:11:b2:79:4a:61:5c:f4:ea:07:b8: fe:9f:8c:26:61:de:2c:60:91:72:b5:e4:4a:4e:81: 97:94:7b:b6:2c:c3:93:46:56:a5:f3:73:03:f5:60: 9e:26:23:4a:76:6e:62:9d:6a:ad:fd:88:49:a5:b5: a4:49:27:b4:06:dc:8e:a2:b0:06:7b:3c:c1:ae:f7: 91:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:95:C2:F2:B3:76:C2:EE:32:AE:70:61:AF:D0:EF:3F:4D:F0:2A:58 X509v3 Authority Key Identifier: keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/XJXC8rN2wu4yrnBhr9DvP03wKlg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.52.136.0/24 Signature Algorithm: sha256WithRSAEncryption 42:fe:6a:ac:bb:53:e5:d1:b2:4e:e6:5b:29:38:30:17:f2:b0: a1:2e:2b:3a:5a:5f:fa:ad:ad:67:f5:be:85:be:89:71:98:c2: bb:ed:c7:be:05:cd:ec:f3:63:30:2c:0b:90:36:3c:1e:7c:23: a9:b9:88:dc:46:e8:d7:e4:03:cf:12:74:0e:b5:dc:94:fc:d4: 85:21:65:46:2d:d1:7c:92:26:bb:c4:78:b9:47:db:7a:44:a5: 30:e4:49:5f:1d:b4:9d:af:0b:25:0a:69:40:56:85:ba:92:16: 5f:52:93:61:0b:d1:d9:3a:7c:a8:23:90:0a:9e:29:96:52:ff: 7c:37:2e:e3:a9:8d:47:19:8e:1f:21:6c:46:2c:63:56:c4:42: ae:08:4d:5a:11:b3:79:36:40:1a:5d:88:f2:c2:b7:25:3a:5e: f7:c3:6b:33:90:34:af:3b:3c:e7:c1:c2:bd:46:09:bc:bd:3d: 1e:c9:ff:d9:bf:a0:3b:d6:5d:17:5d:19:a5:5f:66:e2:76:28: 3a:66:d3:b4:5d:ff:dc:c9:61:9f:f0:01:d1:f0:0d:e3:5d:05: ba:1d:14:7d:e4:29:ec:df:b4:77:0f:c6:31:6a:67:77:9e:eb: ca:87:1e:3b:47:3d:a6:24:2d:f7:92:78:4f:9e:40:4f:4b:e7: bd:3b:eb:50 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4on5UIKwwEJcLeV9+8H3iMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy ZGJmMDcwHhcNMjYwMTAxMDgxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1Yzk1YzJmMmIzNzZjMmVlMzJhZTcwNjFhZmQwZWYzZjRkZjAyYTU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyKoqS2jF+Uho6sibDSl/OW56F7b v5Y+056EaKJHuGeNXTuQAd0ljdEBabHPqMASbbepNYQ2H2mjah6zsXP0LuvJIeT1 wokagxHmoZWyoKRC/aI42fTbsnEfLRw8bJGEasjfGsAeulKM2pCH/uCNVB6OdAR9 brqT6i7QwcDTnuZMzPz3Fdx5ZrXDiow+F6LOM1SXWVerlJdhl+v0LTma7Swus91C by8YFN8vM1TZRAzblfFNDzxsgBGyeUphXPTqB7j+n4wmYd4sYJFyteRKToGXlHu2 LMOTRlal83MD9WCeJiNKdm5inWqt/YhJpbWkSSe0BtyOorAGezzBrveRSwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFFyVwvKzdsLuMq5wYa/Q7z9N8CpYMB8GA1UdIwQY MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt ZjNlNTA2YWVhYTAxLzEvWEpYQzhyTjJ3dTR5cm5CaHI5RHZQMDN3S2xnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTSIMA0G CSqGSIb3DQEBCwUAA4IBAQBC/mqsu1Pl0bJO5lspODAX8rChLis6Wl/6ra1n9b6F volxmMK77ce+Bc3s82MwLAuQNjwefCOpuYjcRujX5APPEnQOtdyU/NSFIWVGLdF8 kia7xHi5R9t6RKUw5ElfHbSdrwslCmlAVoW6khZfUpNhC9HZOnyoI5AKnimWUv98 Ny7jqY1HGY4fIWxGLGNWxEKuCE1aEbN5NkAaXYjywrclOl73w2szkDSvOzznwcK9 Rgm8vT0eyf/Zv6A71l0XXRmlX2bidig6ZtO0Xf/cyWGf8AHR8A3jXQW6HRR95Cns 37R3D8Yxamd3nuvKhx47Rz2mJC33knhPnkBPS+e9O+tQ -----END CERTIFICATE-----Generated at Mon Jan 19 20:01:06 2026 by rpki-client